In the first interview post her departure as in-house compliance counsel for the Justice Department, Hui Chen provided key insights to a topic all compliance officers can appreciate regardless of political inclinations: how to evaluate the effectiveness of compliance programs. Take a look at how those insights can be implemented in your program.

The WannaCry cyberattack is being called the biggest ransomware attack in history. The insidious nature of the attack heightens the urgency of implementing sophisticated cybersecurity measures. It also reinforces the necessity of a cross-functional approach to cybersecurity and the critical role Compliance plays within that approach. Take a look at Compliance’s role in preventing the next WannaCry attack.

A recent survey of chief compliance officers highlights the progress and challenges of today’s compliance function. The good news is great, and the not so good news can be improved upon with tools already available to organizations.

A recent survey of chief compliance officers highlights the progress and challenges of today’s compliance function. The good news is great, and the not so good news can be improved upon with tools already available to organizations.

We live in a world where reputational damage can happen fast, and with devastating consequences. When we work with third parties, this damage can happen due to forces outside our organizations. Whatever marketing efforts we take to build our brand reputations should be complemented by efforts to protect that reputation from third-party risk. Learn about the processes and platforms we can use to do this.

Third-party risk ownership sits across any number of functions in today’s organizations, so why doesn’t third-party accountability do the same? “Accountability” means different things to different people within your enterprise, and pain points are unique as well. If there is no single owner of third-party risk, group-level accountability can help ensure there is proper responsibility for third-party management.

There is clearly risk working with third parties, but what is too often lost in the discussion is the business case for robustly and diligently assessing and monitoring third parties in a risk based manner. We cannot just view third-party management as a contingency plan for potential litigation but as a necessary step for third party selection that is tied to ROI.

Considering an assessment of your ethics and compliance efforts? The question is not if but when. In the ever-changing world of business, when are you going to ensure that your compliance program is keeping pace with the evolving landscape of risk? Here are some things to consider when determining whether or not to assess.

As the GRC landscape continues to evolve at a rapid pace, organizations must expand their thinking about what it means to be an ethical organization—and how to create one. Learn more in this post from NAVEX Global CEO Bob Conlin.

Pages

About the Blog

The top minds in ethics & compliance

Ethics & Compliance Matters™, the official blog of NAVEX Global. Leverage the news, insights and best practices you find here to stay ahead of GRC trends, and take your compliance program to the next level.